QQBrowserSkill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser-automation skill with normal browser risks, but no artifact-backed evidence of hidden or malicious behavior.

Install only if you trust the PyPI package and QQ Browser distribution source. Use the skill for user-directed browsing tasks, confirm domains before entering sensitive information, and require explicit confirmation before logins, purchases, public posts, account changes, downloads, or JavaScript execution on untrusted pages.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill description is broad enough to match many generic web-related tasks, which can cause an agent to invoke a browser-capable tool unnecessarily. In this skill's context, unintended invocation is more dangerous because the tool has both network and filesystem access and can navigate arbitrary sites, download files, and interact with web content.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The documentation demonstrates form filling and browser interaction but does not warn against entering passwords, payment data, MFA codes, or other sensitive information into websites without explicit user consent and trust verification. Because this is a browser automation skill, the absence of such warnings increases the risk of credential phishing, accidental submission of secrets, and unsafe handling of personal data.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal